diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common
index da468b9a2..5b3bfad6d 100644
--- a/Shorewall-core/lib.common
+++ b/Shorewall-core/lib.common
@@ -316,6 +316,7 @@ reload_kernel_modules() {
local moduleloader
moduleloader=modprobe
local uname
+ local extras
if ! qt mywhich modprobe; then
moduleloader=insmod
@@ -323,9 +324,25 @@ reload_kernel_modules() {
[ -n "${MODULE_SUFFIX:=ko ko.gz ko.xz o o.gz o.xz gz xz}" ]
- [ -z "$MODULESDIR" ] && \
- uname=$(uname -r) && \
+ if [ -n "$MODULESDIR" ]; then
+ case "$MODULESDIR" in
+ +*)
+ extras="$MODULESDIR"
+ extras=${extras#+}
+ MODULESDIR=
+ ;;
+ esac
+ fi
+
+ if [ -z "$MODULESDIR" ]; then
+ uname=$(uname -r)
MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
+ if [ -n "$extras" ]; then
+ for directory in $(split "$extras"); do
+ MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory"
+ done
+ fi
+ fi
[ -d /sys/module/ ] || MODULES=$(lsmod | cut -d ' ' -f1)
@@ -355,6 +372,7 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
local savemoduleinfo
savemoduleinfo=${1:-Yes} # So old compiled scripts still work
local uname
+ local extras
if ! qt mywhich modprobe; then
moduleloader=insmod
@@ -362,9 +380,25 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
[ -n "${MODULE_SUFFIX:=o gz xz ko o.gz o.xz ko.gz ko.xz}" ]
- [ -z "$MODULESDIR" ] && \
- uname=$(uname -r) && \
+ if [ -n "$MODULESDIR" ]; then
+ case "$MODULESDIR" in
+ +*)
+ extras="$MODULESDIR"
+ extras=${extras#+}
+ MODULESDIR=
+ ;;
+ esac
+ fi
+
+ if [ -z "$MODULESDIR" ]; then
+ uname=$(uname -r)
MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
+ if [ -n "$extras" ]; then
+ for directory in $(split "$extras"); do
+ MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory"
+ done
+ fi
+ fi
for directory in $(split $MODULESDIR); do
[ -d $directory ] && moduledirectories="$moduledirectories $directory"
diff --git a/Shorewall/manpages/shorewall.conf.xml b/Shorewall/manpages/shorewall.conf.xml
index 4c73b4846..54282e7f6 100644
--- a/Shorewall/manpages/shorewall.conf.xml
+++ b/Shorewall/manpages/shorewall.conf.xml
@@ -1625,11 +1625,11 @@ LOG:info:,bar net fw
This parameter specifies the directory/directories where your
kernel netfilter modules may be found. If you leave the variable
- empty, Shorewall will supply the value "/lib/modules/`uname
- -r`/kernel/net/ipv4/netfilter" in versions of Shorewall prior to
- 3.2.4 and "/lib/modules/`uname
- -r`/kernel/net/ipv4/netfilter:/lib/modules/`uname
- -r`/kernel/net/ipv4/netfilter" in later versions.
+ empty, Shorewall will supply the value
+ "/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset"
+ where uname holds the output of
+ 'uname -r' and g_family holds '4'.
diff --git a/Shorewall6/manpages/shorewall6.conf.xml b/Shorewall6/manpages/shorewall6.conf.xml
index 7912044ef..3629014ea 100644
--- a/Shorewall6/manpages/shorewall6.conf.xml
+++ b/Shorewall6/manpages/shorewall6.conf.xml
@@ -1442,9 +1442,11 @@ LOG:info:,bar net fw
This parameter specifies the directory/directories where your
kernel netfilter modules may be found. If you leave the variable
- empty, Shorewall6 will supply "/lib/modules/`uname
- -r`/kernel/net/ipv4/netfilter:/lib/modules/`uname
- -r`/kernel/net/ipv4/netfilter".
+ empty, Shorewall will supply the value
+ "/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset"
+ where uname holds the output of
+ 'uname -r' and g_family holds '6'.